http://arstechnica.com/security/2014/09/hacker-exploits-printer-web-interface-to-install-run-doom/
By Sam Machkovech
Ars Technica
Sept 15 2014
On Friday, a hacker presenting at the 44CON Information Security
Conference in London picked at the vulnerability of Web-accessible devices
and demonstrated how to run unsigned code on a Canon printer via its
default Web interface. After describing the device's encryption as
"doomed," Context Information Security consultant Michael Jordon made his
point by installing and running the first-person shooting classic Doom on
a stock Canon Pixma MG6450.
Sure enough, the printer's tiny menu screen can render a choppy and
discolored but playable version of id Software's 1993 hit, the result of
Jordon discovering that Pixma printers' Web interfaces didn't require any
authentication to access. "You could print out hundreds of test pages and
use up all the ink and paper, so what?" Jordon wrote at Context's blog
report about the discovery, but after a little more sniffing, he found
that the devices could also easily be redirected to accept any code as
legitimate firmware.
A vulnerable Pixma printer's Web interface allows users to change the Web
proxy settings and the DNS server. From there, an enterprising hacker can
crack the device's encryption in eight steps, the final of which includes
unsigned, plain-text firmware files. The hacking possibilities go far
beyond enabling choppy, early '90s gaming: "We can therefore create our
own custom firmware and update anyone’s printer with a Trojan image which
spies on the documents being printed or is used as a gateway into their
network," Jordon wrote.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
